Modern Software Testing and Formal Verification Techniques
Day 2
Sergey Staroletov
Polzunov Altai State Technical University, Lenin avenue 46, Barnaul, 656038, Russia
Email: serg soft@mail.ru
June 25, 2019
Testing and Formal Verification
The software engineering world has already developed a sufficient amount of testing technology, and it applies well when creating typical desktop applications or web sites with their business logic.
For systems that must work in CRITICAL industries, such as embedded control systems, aircraft management entities and operating system components, the testing process does not guarantee sufficient output quality of the product, and the appearance of an error can lead to costly consequences.
This is because testing is not able to prove the absence of errors over all possible states; it can only show their absence for a particular test.
Model Checking
Formal verification is a way to mathematically prove a model of the program with respect to the requirements (assumptions about correct model behavior). In the Model Checking approach, these requirements are usually expressed in a temporal logic such as LTL or CTL. The models for verification are usually written in a special modeling language, which simplifies an ordinary imperative or functional programming language with some reduction of types, available memory and standard library, but adds some kind of modeling of process interactions and non-deterministic transitions.
SPIN and Promela
SPIN [spinroot.com] is a verifier for models written in the special Promela input language with respect to given LTL requirements consisting of key model variables.
Some language features:
it is an actor-based (process-oriented) language
a C-style syntax in some cases
code in the language looks functional in style, but the language does not offer a way to define functions; it uses inline declarations quite similar to macros in C
allows non-deterministic transitions
primarily designed to describe protocol interactions.
The closest mainstream language is Erlang.
SPIN and Promela
SPIN: Simple Promela INterpreter
Promela: PROtocol MEta-LAnguage
Based on research by
Amir Pnueli (LTL)
Gerard J. Holzmann (SPIN)
MBC process
Get my code samples for free!
https://github.com/SergeyStaroletov/PromelaSamples
SPIN and Promela example
int var = 2;
int count = 0;
ltl formula { [] (var >= 0) }
active proctype main() {
  do
  :: count != 3 -> {
       if
       :: true -> var = var + 1;
       :: true -> var = var - 1;
       fi;
       count = count + 1;
     }
  :: else ->
       break
  od
}
SPIN internal automaton for the example program
SPIN internal automaton for the example formula
Parallel composition of internal automata of program and formula
Parallel composition of internal automata of program and formula with non-determinism resolution
Main problem in Model Checking
The problem of the explosion of the number of states during the verification of real programs exists and is very challenging.
The more processes and the more parallel instructions in a program, the more difficult the verification becomes (if it is possible at all!), because the number of states grows too fast.
To reduce the brute force, special algorithms are used:
Partial order reduction
State compression
Symbolic model checking
Bitstate hashing
Bounded context switching
Non-deterministic IF clause
The Promela language contains conditions in the form
if
:: boolean_expression1 -> actions1
:: boolean_expression2 -> actions2
...
:: boolean_expressionN -> actionsN
fi
To perform a certain action, the corresponding boolean expression (its guard) must be true; when several guards are true at once, one of the options is chosen non-deterministically.
Non-deterministic IF clause
Refer to the code snippet in Promela modeling the Leader Election algorithm (Dolev, Klawe & Rodeh):
if /* non-deterministic choice */
:: Ini[0] == 0 && N >= 1 -> Ini[0] = I
:: Ini[1] == 0 && N >= 2 -> Ini[1] = I
:: Ini[2] == 0 && N >= 3 -> Ini[2] = I
:: Ini[3] == 0 && N >= 4 -> Ini[3] = I
:: Ini[4] == 0 && N >= 5 -> Ini[4] = I
:: Ini[5] == 0 && N >= 6 -> Ini[5] = I
fi
With N equal to, for example, 3 and all elements of Ini equal to zero, the Promela model has four variants of non-deterministic steps to continue from this point.
Degree of abstraction in modeling languages
Modeling languages are declarative
They offer to decompose system behavior into a very high-level model
We do not care about the particular logic of transitions: we just say that at some point there will be a transition
During the model checking process, the verifier checks all possible variants of transitions
Expressing requirements in LTL
An LTL formula is a formula over global program variables, the standard boolean operators and newly introduced temporal operators:
[] is the temporal operator Globally ("Always"). [] p means that the predicate p must always hold (if p is false in one of the states, we get an error)
<> is the temporal operator Eventually ("Sometimes"). <> p means that p should become true at some time in the future (before that it may be false)
X (Next): X p means that p should be true in the next state; however, it is not available in SPIN by default
U is the temporal operator "Until". p U q means that q should hold at some point in the future, and before that p should hold all the time
W is the temporal operator "non-strict Until". p W q works in the same way as p U q, but q is allowed never to hold (then p must hold forever)
V is the dual of U: (p V q) means !(!p U !q)
Expressing requirements in LTL
Examples from the book "Model Checking" by Y.G. Karpov:
"Today he plays jazz, tomorrow he will sell his Motherland" (Next)
"Lenin lived, Lenin lives, Lenin will live." V.I. Lenin (Globally)
"Once Persil, always Persil" (Globally with implication)
"We are not friends until you apologize" (Until)
"We will fight until we win" (non-strict Until)
"Someday I will definitely love Masha" (Eventually)
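The LTL operators defined above, applied to the slides' own [] (var >= 0) formula and to the "we will fight until we win" sentence, as an added Python example that is not part of the slides: a small evaluator over an ultimately periodic trace (a finite prefix plus a loop, the shape of a SPIN counterexample trail). The Trace class, holds and the tuple encoding of formulas are this example's assumptions, not SPIN's interface.

```python
# Added example, not from the slides: an evaluator for the LTL operators listed
# above over an ultimately periodic trace (finite prefix + loop), the form in
# which SPIN reports a counterexample. Trace, holds and the tuple encoding of
# formulas are assumptions of this example, not SPIN's.

class Trace:
    """Run = states[0..n-1] followed forever by states[loop..n-1]."""

    def __init__(self, states, loop):
        self.states = states
        self.loop = loop

    def path(self, i):
        """Positions from i on, in run order, until every reachable position
        has been seen (one pass around the loop is enough)."""
        n = len(self.states)
        return list(range(i, n)) + list(range(self.loop, n))

    def next(self, i):
        return i + 1 if i + 1 < len(self.states) else self.loop

def holds(f, trace, i=0):
    """Does formula f hold at position i?  Formulas are tuples:
    ('atom', pred) with pred: state -> bool, ('not', f), ('and', f, g),
    ('or', f, g), ('[]', f), ('<>', f), ('X', f), ('U', f, g), ('W', f, g)
    and ('V', f, g), i.e. the operators of the slide."""
    op = f[0]
    if op == 'atom':
        return bool(f[1](trace.states[i]))
    if op == 'not':
        return not holds(f[1], trace, i)
    if op == 'and':
        return holds(f[1], trace, i) and holds(f[2], trace, i)
    if op == 'or':
        return holds(f[1], trace, i) or holds(f[2], trace, i)
    if op == 'X':      # Next: f in the following state
        return holds(f[1], trace, trace.next(i))
    if op == '[]':     # Globally: f in every reachable state
        return all(holds(f[1], trace, k) for k in trace.path(i))
    if op == '<>':     # Eventually: f in some reachable state
        return any(holds(f[1], trace, k) for k in trace.path(i))
    if op == 'U':      # Until: g at some point, f at every position before it
        for k in trace.path(i):
            if holds(f[2], trace, k):
                return True
            if not holds(f[1], trace, k):
                return False
        return False   # g never came, or f failed before it did
    if op == 'W':      # non-strict Until: g may never come if f holds forever
        return holds(('U', f[1], f[2]), trace, i) or holds(('[]', f[1]), trace, i)
    if op == 'V':      # Release, the dual of U: p V q == !(!p U !q)
        return not holds(('U', ('not', f[1]), ('not', f[2])), trace, i)
    raise ValueError('unknown operator %r' % (op,))

# Constructed trace of the var/count program: var goes 2, 1, 0, -1 and the last
# state repeats forever (loop back to position 3), as in a SPIN trail.
VAR_TRACE = Trace([{'var': v} for v in (2, 1, 0, -1)], loop=3)
# Constructed trace for "we will fight until we win": fighting forever, never winning.
FIGHT_TRACE = Trace([{'fight': True, 'win': False}], loop=0)

NONNEG = ('atom', lambda s: s['var'] >= 0)
FIGHT = ('atom', lambda s: s['fight'])
WIN = ('atom', lambda s: s['win'])

def var_always_nonnegative():
    """[] (var >= 0): the slide's formula, violated at position 3 of VAR_TRACE."""
    return holds(('[]', NONNEG), VAR_TRACE)

def var_eventually_negative():
    """<> !(var >= 0): the negated property, which the counterexample satisfies."""
    return holds(('<>', ('not', NONNEG)), VAR_TRACE)

def fight_until_win(strong):
    """p U q fails when q never comes; the non-strict p W q accepts the same trace."""
    return holds(('U' if strong else 'W', FIGHT, WIN), FIGHT_TRACE)

def check_identities(trace, p, q):
    """Standard LTL identities, checked at every position of the trace:
    [] p == !(<> !p),  <> p == (true U p),  p W q == q V (p || q)."""
    true = ('atom', lambda s: True)
    for i in range(len(trace.states)):
        if holds(('[]', p), trace, i) != holds(('not', ('<>', ('not', p))), trace, i):
            return False
        if holds(('<>', p), trace, i) != holds(('U', true, p), trace, i):
            return False
        if holds(('W', p, q), trace, i) != holds(('V', q, ('or', p, q)), trace, i):
            return False
    return True
```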
Expressing requirements in LTL
Sample system: Login Window
A model for a GUI: 4 windows, with checking of the login data and opening of a secret or non-secret window
The requirements
Main window model code
Main window model internal automaton
Login window model code
Login window model internal automaton
Secret and Non-Secret window model code
iSpin tool
iSpin tool – simulation
iSpin tool – MSC
iSpin tool – Verification
iSpin tool – Verification – incorrect formula implies verification error
iSpin tool – Verification – incorrect formula implies verification error – replaying the counterexample
Modeling a queuing system: Russian Fast-Food
A Hungry Man places an order with the Manager and waits for it. The Manager waits for an order, passes the order for a Pancake and Kvass to the Cook, waits for the finished Pancake and the poured Kvass from the Cook, and hands the finished order to the Hungry Man. The Cook receives the order for Kvass and a Pancake from the Manager, pours the Kvass and prepares the Pancake. The Kvass and the Pancake wait for the Cook to prepare them and are served to the Manager.
Modeling a queuing system: Russian Fast-Food :: Simulation (Got an error)
Modeling a queuing system: Russian Fast-Food :: Simulation in a lossy message channel mode (OK)
Modeling a queuing system: Russian Fast-Food
So, the system will have starvation. Direct process operation leads to losing the orders. Such queuing systems require queuing.
Solving recursive puzzles with Model Checking based on a CounterExample-Driven Approach
We want to solve logic puzzles
Such a puzzle can be solved recursively or sometimes using the dynamic programming method
We can use a different approach:
1 Code the system behavior from the problem description in Promela, using the non-deterministic if clause
2 Ask the SPIN verifier to check the goal: "we will not solve this game"
3 If the game is solvable, the verifier will find a counterexample
4 The counterexample is a solution.
Hanoi Tower
Suppose there are three rods on which round disks of different sizes can be placed; a smaller disk may be put on a larger disk, but not vice versa. We assume that there are 5 disks. Initially they are all on the first rod. It is necessary to move all 5 of them to the third rod, using the second rod as an intermediate place.
Hanoi Tower (real photo)
Hanoi Tower – initial code
Hanoi Tower – step rules
Check whether there are any more disks on the rod.
Is it possible to move the top disk to another rod (that rod holds between 0 and N elements, and its upper disk, if any, is larger than the disk being moved)?
Move the disk by adding an element to the top of the target array, increasing the number of elements on the new rod and decreasing it on the old one.
Or maybe we do not do it at all: why not switch to another rod to move disks from it, or move them to a different rod?
Hanoi Tower – step code (1 to 2)
Hanoi Tower – verification
Trying the formula [] (count3 != 5), we get a counterexample, which is a solution!
Hanoi Tower – simulation of the counterexample with the solution
Hanoi Tower – optimal solution
Trying formulas like [] (count3 != 5 || moves != 50) and decreasing the moves count, we get the optimal solution with [] (count3 != 5 || moves != 31)!
This required reducing the Maximum Search Depth to 1000 steps.
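The counterexample-driven approach of the Hanoi slides, together with the var/count program from the "SPIN and Promela example" slide, as an added Python example that is not from the slides or the author's PromelaSamples repository: a small breadth-first explicit-state checker that treats each enabled option of the non-deterministic if as a successor, checks an invariant [] p in every reachable state and returns the shortest violating trace. check_invariant and the rod/disk encoding are this example's own names; because the search is breadth-first, the first counterexample to [] (count3 != 5) is already the 31-move optimum, whereas SPIN's default depth-first search does not guarantee a shortest trail, which is why the slide bounds moves.

```python
# Added example, not from the slides or the author's PromelaSamples repository:
# a tiny breadth-first explicit-state checker in the style of SPIN's safety
# verification, applied to the var/count program of the "SPIN and Promela
# example" slide and to the Hanoi Tower puzzle. Names (check_invariant, the
# rod/disk encoding) are assumptions of this example.
from collections import deque


def check_invariant(initial, successors, invariant):
    """Explore every interleaving of the non-deterministic choices by BFS.
    successors(state) yields (label, next_state) for each enabled option of the
    'if'; invariant(state) is the proposition p of the LTL formula [] p.
    Returns (None, n_states) if p holds in every reachable state, otherwise
    (trace, n_states) with trace the shortest list of (label, state) steps
    from the initial state to a violating state (the counterexample)."""
    parent = {initial: None}            # state -> (previous state, label)
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        if not invariant(state):
            trace = []
            while parent[state] is not None:
                prev, label = parent[state]
                trace.append((label, state))
                state = prev
            return trace[::-1], len(parent)
        for label, nxt in successors(state):
            if nxt not in parent:       # visited-state table, as in SPIN
                parent[nxt] = (state, label)
                queue.append(nxt)
    return None, len(parent)


# --- Model 1: the slide's program. State = (var, count), initially (2, 0). ---
def var_count_successors(state):
    var, count = state
    if count != 3:                      # the 'do' guard; 'else -> break' ends the run
        yield ('var+1', (var + 1, count + 1))
        yield ('var-1', (var - 1, count + 1))


def verify_var_nonnegative():
    """Check [] (var >= 0): it is violated by three decrements in a row."""
    return check_invariant((2, 0), var_count_successors, lambda s: s[0] >= 0)


# --- Model 2: Hanoi Tower. State = 3 rods, each a tuple of disk sizes from the
# bottom up; initially all N disks are on rod 1. ---
N_DISKS = 5
HANOI_START = (tuple(range(N_DISKS, 0, -1)), (), ())
HANOI_GOAL = ((), (), tuple(range(N_DISKS, 0, -1)))


def hanoi_successors(state):
    """Each legal move is one enabled option of the non-deterministic 'if'."""
    for src in range(3):
        if not state[src]:                          # no more disks on this rod
            continue
        disk = state[src][-1]
        for dst in range(3):
            if dst == src:
                continue
            if state[dst] and state[dst][-1] < disk:  # a smaller disk is on top there
                continue
            rods = list(state)
            rods[src] = state[src][:-1]             # take it off the old rod
            rods[dst] = state[dst] + (disk,)        # put it on top of the new one
            yield ('%d->%d' % (src + 1, dst + 1), tuple(rods))


def solve_hanoi():
    """Ask the checker to prove "we will not solve this game", [] (count3 != N).
    The counterexample is a solution; BFS makes it the shortest one, so the
    31-move optimum comes out without the moves bound used on the slide."""
    trace, n_states = check_invariant(HANOI_START, hanoi_successors,
                                      lambda s: len(s[2]) != N_DISKS)
    moves = [label for label, _ in trace]
    return moves, trace[-1][1], n_states


if __name__ == '__main__':
    trace, n = verify_var_nonnegative()
    print('var/count: %d states, counterexample %s' % (n, trace))
    moves, final, n = solve_hanoi()
    print('hanoi: %d states, %d moves: %s' % (n, len(moves), ' '.join(moves)))
```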
My research on Model Checking
Towards a Probabilistic Extension to Non-Deterministic Transitions in Model-Based Checking. SYRCoSE 2019.
Applying Model Checking Approach with Floating Point Arithmetic for Verification of Air Collision Avoidance Maneuver Hybrid Model. Accepted for SPIN 2019.
A Method to Verify Parallel and Distributed Software in C# by Doing Roslyn AST Transformation to a Promela Model. Preprint.
Learn more about Model Checking by reading in a calm place

HR Software Buyers Guide in 2024 - HRSoftware.com
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
What is Binary Language? Computer Number Systems
What is Binary Language?  Computer Number SystemsWhat is Binary Language?  Computer Number Systems
What is Binary Language? Computer Number Systems
 

Modern Software Testing and Formal Verification Techniques

  • 1. Modern Software Testing and Formal Verification Techniques. Day 2. Sergey Staroletov, Polzunov Altai State Technical University, Lenin avenue 46, Barnaul, 656038, Russia. Email: serg soft@mail.ru. June 25, 2019. 1 / 52
  • 2. Testing and Formal Verification. The software engineering world has already developed a sufficient amount of testing technologies, and they apply well when creating typical desktop applications or web sites with their business logic. For systems that need to work in CRITICAL industries, such as embedded control systems, aircraft management entities or operating system components, the testing process does not guarantee sufficient output quality of the product, and the appearance of an error can lead to costly consequences. This is because testing is not able to prove the absence of errors over all possible states; it can only show their absence for a particular test. 2 / 52
  • 3. Model Checking. Formal verification is a way to mathematically prove a model of the program with respect to the requirements (assumptions about correct model behavior). In the Model Checking approach, these requirements are usually expressed in a temporal logic, such as LTL or CTL. The models for verification are usually written in a special modeling language, which simplifies an ordinary imperative or functional programming language with some reduction of types, available memory and standard library, but adds some kind of modeling of process interoperation and non-deterministic transitions. 3 / 52
  • 4. SPIN and Promela. SPIN [spinroot.com] is a verifier for models written in the special Promela input language, checked against given LTL requirements stated over the model's key variables. Some language features:
    - it is an actor-based (process-oriented) language
    - a C-style syntax in some cases
    - code in the language looks functional in style, but the language does not offer a way to define functions; it uses inline declarations quite similar to macros in C
    - it allows non-deterministic transitions
    - it is primarily designed to describe protocol interoperations; the closest mainstream language is Erlang. 4 / 52
  • 5. SPIN and Promela. SPIN: Simple Promela INterpreter. Promela: PROtocol MEta-LAnguage. Based on research by Amir Pnueli (LTL) and Gerard J. Holzmann (SPIN). 5 / 52
  • 7. Get my code samples for free! https://github.com/SergeyStaroletov/PromelaSamples 7 / 52
  • 8. SPIN and Promela example
    int var = 2;
    int count = 0;
    ltl formula { [] (var >= 0) }
    active proctype main() {
      do
      :: count != 3 -> {
           if
           :: true -> var = var + 1;
           :: true -> var = var - 1;
           fi
           count = count + 1;
         }
      :: else -> break
      od
    }
    8 / 52
  • 9. SPIN internal automaton for the example program 9 / 52
  • 10. SPIN internal automaton for the example formula 10 / 52
  • 11. Parallel composition of internal automata of program and formula 11 / 52
  • 12. Parallel composition of internal automata of program and formula with non-determinism resolution 12 / 52
  • 13. Main problem in Model Checking. The explosion of the number of states during the verification of real programs is a real and very challenging problem. The more processes and the more parallel instructions in a program, the more difficult the verification becomes (if it is possible at all!), because the number of states grows too fast. To reduce the brute force, special algorithms are used:
    - Partial order reduction
    - State compression
    - Symbolic model checking
    - Bitstate hashing
    - Bounded context switching 13 / 52
  • 14. Non-deterministic IF clause. The Promela language contains conditions of the form
    if
    :: boolean_expression1 -> actions1
    :: boolean_expression2 -> actions2
    ...
    :: boolean_expressionN -> actionsN
    fi
    To perform a given action, the corresponding boolean expression (its guard) must be true. 14 / 52
  • 15. Non-deterministic IF clause. Refer to this code snippet in Promela, modeling the Leader Selection algorithm (Dolev, Klawe & Rodeh):
    if /* non-deterministic choice */
    :: Ini[0] == 0 && N >= 1 -> Ini[0] = I
    :: Ini[1] == 0 && N >= 2 -> Ini[1] = I
    :: Ini[2] == 0 && N >= 3 -> Ini[2] = I
    :: Ini[3] == 0 && N >= 4 -> Ini[3] = I
    :: Ini[4] == 0 && N >= 5 -> Ini[4] = I
    :: Ini[5] == 0 && N >= 6 -> Ini[5] = I
    fi
    With N equal to, for example, 3 and Ini all zero, the Promela model has four variants of non-deterministic steps to continue from this point. 15 / 52
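  To make slides 8 to 15 concrete, here is an added illustration in plain Python of what the verifier does with the slide-8 program. It is not code from the slides and not SPIN's own implementation: the `State`, `BRANCHES`, `successors` and `check_invariant` names are my own, and the `else -> break` branch is modelled as process termination. Every enabled `::` branch is followed (the non-deterministic choice of slides 14 and 15), and the reachable states are explored depth-first, as SPIN does for a safety property, checking the invariant part of `[] (var >= 0)` in each of them.

```python
"""Explicit-state check of the slide-8 Promela program in plain Python.

Added illustration: this is neither code from the slides nor SPIN's own
implementation.  It mimics what SPIN does for the example: every enabled
branch of the non-deterministic `if`/`do` is followed (the choice of slides
14-15), and the invariant part of the LTL formula [] (var >= 0) is checked
in every reachable state by a depth-first search, which is how SPIN
explores the state space for a safety property.
"""
from typing import Callable, List, NamedTuple, Optional, Tuple


class State(NamedTuple):
    var: int
    count: int


# A branch is (guard, action), mirroring Promela's `:: guard -> action`.
Branch = Tuple[Callable[[State], bool], Callable[[State], State]]

BRANCHES: List[Branch] = [
    # :: count != 3 -> var = var + 1; count = count + 1
    (lambda s: s.count != 3, lambda s: State(s.var + 1, s.count + 1)),
    # :: count != 3 -> var = var - 1; count = count + 1
    (lambda s: s.count != 3, lambda s: State(s.var - 1, s.count + 1)),
    # :: else -> break  is modelled as "no successor": the process stops.
]


def successors(state: State, branches: List[Branch] = BRANCHES) -> List[State]:
    """All states reachable in one step: each enabled branch is taken.
    With several enabled guards this is the non-deterministic choice."""
    return [action(state) for guard, action in branches if guard(state)]


def check_invariant(initial: State,
                    predicate: Callable[[State], bool],
                    branches: List[Branch] = BRANCHES
                    ) -> Tuple[int, Optional[List[State]]]:
    """Depth-first search of the reachable states.  Returns
    (states visited, counterexample), where the counterexample is the DFS
    path from `initial` to the first state violating `predicate`, or None
    when [] predicate holds in every reachable state."""
    if not predicate(initial):
        return 1, [initial]
    visited = {initial}
    path = [initial]                               # current DFS stack
    todo = [iter(successors(initial, branches))]   # pending successors
    while todo:
        nxt = next(todo[-1], None)
        if nxt is None:            # this state is exhausted: backtrack
            todo.pop()
            path.pop()
            continue
        if nxt in visited:         # already explored: skip
            continue
        visited.add(nxt)
        path.append(nxt)
        if not predicate(nxt):
            return len(visited), list(path)
        todo.append(iter(successors(nxt, branches)))
    return len(visited), None


INITIAL = State(var=2, count=0)


def verify_slide8(lower_bound: int = 0) -> Tuple[int, Optional[List[State]]]:
    """Checks [] (var >= lower_bound) for the slide-8 program."""
    return check_invariant(INITIAL, lambda s: s.var >= lower_bound)


if __name__ == "__main__":
    visited, trace = verify_slide8(0)
    print("[] (var >= 0) fails; counterexample:", trace)   # ends with var == -1
    visited, trace = verify_slide8(-3)
    print("[] (var >= -3) holds over", visited, "reachable states:", trace is None)
```

  Running it shows the point of slides 9 to 12: the program has only ten reachable states, yet one of them (var = -1 after three decrements) violates the formula, and the DFS path to it is exactly the counterexample SPIN would replay in a simulation. Lowering the bound to -3 makes the property hold over the same ten states.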
  • 16. Degree of abstraction in modeling languages. Modeling languages are declarative. They offer to decompose system behavior into a very high-level model. We do not care about the particular logic of transitions; we just say: at some point there will be a transition. During the model checking process, the verifier checks all possible variants of transitions. 16 / 52
  • 17. Expressing requirements in LTL. An LTL formula is a formula over global program variables, standard boolean operators and the following additional (temporal) operators:
    - [] – the temporal operator Globally ("Always"). [] p means that the predicate p must always hold (if p is false in one of the states, we get an error)
    - <> – the temporal operator Eventually ("Sometime"). <> p means that p should become true at some point in the future (before that it may be false)
    - X (Next): X p means that p should be true in the next state; however, it is not available in SPIN by default
    - U – the temporal operator "Until". p U q means that q should hold at some point in the future, and before that p should hold all the time
    - W – the temporal operator "non-strict Until" (weak until). p W q works in the same way as p U q, but q may never hold (or it may hold)
    - V is the dual of U: (p V q) means !(!p U !q) 17 / 52
  • 18. Expressing requirements in LTL. Examples from the book "Model Checking" by Y.G. Karpov:
    - Today he plays jazz, tomorrow he will sell his Motherland (Next)
    - Lenin lived, Lenin lives, Lenin will live. V.I. Lenin (Globally)
    - Once Persil is always Persil (Globally with implication)
    - We are not friends until you apologize (Until)
    - We will fight until we win (non-strict Until)
    - Someday I will definitely love Masha (Eventually) 18 / 52
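  The operator definitions of slide 17 can be turned into executable checks over a recorded trace. The following is an added illustration in Python, not code from the slides or from SPIN; all function names are my own. SPIN evaluates LTL over infinite runs (lassos through the state graph), whereas this evaluator treats a trace as a finite prefix, so `X p` is false in the last state and `[] p` only inspects the states present. That is the usual simplification when checking an LTL formula against a simulation trace or a log rather than a full model. The sample trace is constructed to be the counterexample run of the slide-8 program (var 2, 1, 0, -1 while count goes 0 to 3).

```python
"""Finite-trace semantics of the LTL operators from slide 17.

Added illustration, not the slides' or SPIN's code.  A trace is a list of
states (dicts of variable values); a formula is a function that, given the
trace and a position i, says whether it holds at position i.  The trace is a
finite prefix, so X is false in the last state and [] looks only at present
states (SPIN itself reasons about infinite runs).
"""
from typing import Callable, Dict, List

State = Dict[str, int]
Formula = Callable[[List[State], int], bool]


def atom(pred: Callable[[State], bool]) -> Formula:
    """A boolean expression over the variables of one state."""
    return lambda tr, i: pred(tr[i])


def not_(p: Formula) -> Formula:
    return lambda tr, i: not p(tr, i)


def implies(p: Formula, q: Formula) -> Formula:
    return lambda tr, i: (not p(tr, i)) or q(tr, i)


def globally(p: Formula) -> Formula:
    """[] p: p holds at every position from i on."""
    return lambda tr, i: all(p(tr, j) for j in range(i, len(tr)))


def eventually(p: Formula) -> Formula:
    """<> p: p holds at some position from i on."""
    return lambda tr, i: any(p(tr, j) for j in range(i, len(tr)))


def next_(p: Formula) -> Formula:
    """X p: p holds at i+1 (false when the finite trace ends at i)."""
    return lambda tr, i: i + 1 < len(tr) and p(tr, i + 1)


def until(p: Formula, q: Formula) -> Formula:
    """p U q: q holds at some j >= i, and p holds at every position before j."""
    def f(tr: List[State], i: int) -> bool:
        for j in range(i, len(tr)):
            if q(tr, j):
                return True
            if not p(tr, j):
                return False
        return False            # q never held on the finite prefix
    return f


def weak_until(p: Formula, q: Formula) -> Formula:
    """p W q: like p U q, but q may never hold provided p holds forever."""
    return lambda tr, i: globally(p)(tr, i) or until(p, q)(tr, i)


def release(p: Formula, q: Formula) -> Formula:
    """p V q, defined on slide 17 as !(!p U !q)."""
    return not_(until(not_(p), not_(q)))


def holds(formula: Formula, trace: List[State]) -> bool:
    """Evaluate a formula at the start of the trace."""
    return formula(trace, 0)


# Constructed sample: the counterexample run of the slide-8 program.
TRACE: List[State] = [
    {"var": 2, "count": 0},
    {"var": 1, "count": 1},
    {"var": 0, "count": 2},
    {"var": -1, "count": 3},
]


def evaluate_examples(trace: List[State] = TRACE) -> Dict[str, bool]:
    """Each slide-17 operator applied to the sample trace."""
    var_nonneg = atom(lambda s: s["var"] >= 0)
    var_zero = atom(lambda s: s["var"] == 0)
    done = atom(lambda s: s["count"] == 3)
    never = atom(lambda s: False)
    return {
        "[] var>=0": holds(globally(var_nonneg), trace),
        "<> count==3": holds(eventually(done), trace),
        "X var==1": holds(next_(atom(lambda s: s["var"] == 1)), trace),
        "var>=0 U var==0": holds(until(var_nonneg, var_zero), trace),
        "var>=0 W var==0": holds(weak_until(var_nonneg, var_zero), trace),
        "var>=0 W false": holds(weak_until(var_nonneg, never), trace),
        "var==0 V var>=0": holds(release(var_zero, var_nonneg), trace),
        "[] (count==3 -> var>=0)": holds(globally(implies(done, var_nonneg)), trace),
    }


if __name__ == "__main__":
    for name, value in evaluate_examples().items():
        print(f"{name:28s} {value}")
```

  The two weak-until results show the difference slide 17 describes: `var>=0 W var==0` is true because the release condition var == 0 is reached while var is still non-negative, but `var>=0 W false` is false because, with q never holding, W degenerates to `[] var>=0`, which the trace violates in its last state.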
  • 20. Sample system: Login Window. A model for a GUI: 4 windows, with checking of the login data and opening a secret or non-secret window. 20 / 52
  • 22. Main window model code 22 / 52
  • 23. Main window model internal automaton 23 / 52
  • 24. Login window model code 24 / 52
  • 25. Login window model internal automaton 25 / 52
  • 26. Secret and Non-Secret window model code 26 / 52
  • 28. iSpin tool – simulation 28 / 52
  • 29. iSpin tool – MSC 29 / 52
  • 30. iSpin tool – Verification 30 / 52
  • 31. iSpin tool – Verification – incorrect formula implies verification error 31 / 52
  • 32. iSpin tool – Verification – incorrect formula implies verification error - replaying the counterexample 32 / 52
  • 33. Modeling a queuing system: Russian Fast-Food
    - A Hungry Man makes an order to the Manager and waits for it;
    - The Manager waits for the order, transfers the order for Pancake and Kvass to the Cook, waits for the finished Pancake and the poured Kvass from the Cook, and transfers the finished order to the Hungry Man;
    - The Cook receives an order for Kvass and a Pancake from the Manager, pours Kvass and prepares a Pancake;
    - Kvass and Pancake wait for the Cook to prepare them, and are served to the Manager. 33 / 52
  • 34. Modeling a queuing system: Russian Fast-Food 34 / 52
  • 35. Modeling a queuing system: Russian Fast-Food 35 / 52
  • 36. Modeling a queuing system: Russian Fast-Food 36 / 52
  • 37. Modeling a queuing system: Russian Fast-Food 37 / 52
  • 38. Modeling a queuing system: Russian Fast-Food :: Simulation (Got an error) 38 / 52
  • 39. Modeling a queuing system: Russian Fast-Food :: Simulation in the losing-message channel mode (OK) 39 / 52
  • 40. Modeling a queuing system: Russian Fast-Food. So the system suffers from starvation: direct process operation leads to losing the orders. Such queuing systems require queuing. 40 / 52
  • 41. Solving recursive puzzles with Model Checking based on a CounterExample-Driven Approach. We want to solve logic puzzles. Such a puzzle can be solved recursively, or sometimes using the dynamic programming method. We can use a different approach:
    1 Code in Promela the system behavior from the problem description, using the non-deterministic if clause
    2 Ask the SPIN verifier to check the goal: "we will not solve this game"
    3 If the game is solvable, the verifier will find a counterexample
    4 The counterexample is a solution. 41 / 52
  • 42. Hanoi Tower. Suppose there are three rods on which round disks of different sizes can be placed; a smaller disk may be put on a larger disk, but not vice versa. We assume that there are 5 disks. Initially they are all on the first rod. It is necessary to move them (all 5) to the third rod, using the second rod as an intermediate place. 42 / 52
  • 43. Hanoi Tower 43 / 52
  • 44. Hanoi Tower (real photo) 44 / 52
  • 45. Hanoi Tower – initial code 45 / 52
  • 46. Hanoi Tower – step rules
    - Check whether there are any more disks on the rod.
    - Is it possible to move to another rod (the target rod holds between 0 and N elements, and its top disk, if any, is larger than the disk being moved)?
    - Move the disk by adding an element to the top of the array, increasing the number of elements on the new rod and decreasing it on the old one.
    - Or maybe we do not do it at all: why not switch to another rod to move disks from it, or move them to yet another rod? 46 / 52
  • 47. Hanoi Tower – step code (1 to 2) 47 / 52
  • 48. Hanoi Tower – verification. Trying the formula [] (count3 != 5), we get a counterexample, and that counterexample is a solution! 48 / 52
  • 49. Hanoi Tower – simulating the counterexample with the solution 49 / 52
  • 50. Hanoi Tower – optimal solution. Trying formulas like [] (count3 != 5 || moves != 50) and decreasing the moves count, we get the optimal solution with [] (count3 != 5 || moves != 31)! It required reducing the Maximum Search Depth to 1000 steps. 50 / 52
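  The counterexample-driven approach of slides 41 to 50, as an added illustration in Python rather than Promela (not code from the slides). The state is the content of the three rods; `legal_moves` enumerates every enabled branch of the step rules from slide 46; and `find_counterexample` searches for a run that refutes `[] (count3 != N)` within a bound on the number of moves, which is the role of the `moves != 31` conjunct on slide 50. Function names and the breadth-first search are my own choice: SPIN's depth-first search returns the first counterexample it meets, not necessarily the shortest one, which is why the slides have to shrink the move bound and the search depth to reach the optimum, whereas a breadth-first search finds the shortest refutation directly.

```python
"""Solving the Hanoi puzzle as a model-checking counterexample (slides 41-50).

Added illustration, not the slides' Promela model.  The checked property is
[] (count3 != n), "the third rod never holds all n disks".  It is false, and
the shortest run refuting it is the optimal solution.  A bound on the number
of moves turns this into a bounded check, like `moves != 31` on slide 50.
"""
from collections import deque
from typing import Dict, List, Optional, Tuple

Rods = Tuple[Tuple[int, ...], Tuple[int, ...], Tuple[int, ...]]
Move = Tuple[int, int]           # (source rod, destination rod)


def initial_state(n: int) -> Rods:
    """Disks n (largest, bottom) .. 1 (smallest, top), all on rod 0."""
    return (tuple(range(n, 0, -1)), (), ())


def legal_moves(rods: Rods) -> List[Tuple[Move, Rods]]:
    """Every enabled `::` branch of the step rules: take the top disk of
    `src` and put it on `dst` if `dst` is empty or its top disk is larger."""
    out: List[Tuple[Move, Rods]] = []
    for src in range(3):
        if not rods[src]:
            continue                         # rule 1: nothing to move here
        disk = rods[src][-1]
        for dst in range(3):
            if dst == src:
                continue
            if rods[dst] and rods[dst][-1] < disk:
                continue                     # rule 2: larger onto smaller
            new = list(rods)
            new[src] = rods[src][:-1]        # rule 3: pop from src ...
            new[dst] = rods[dst] + (disk,)   # ... and push onto dst
            out.append(((src, dst), (new[0], new[1], new[2])))
    return out


def find_counterexample(n: int, max_moves: int) -> Optional[List[Move]]:
    """Breadth-first search for the shortest run violating [] (count3 != n)
    within `max_moves` steps.  None means the bounded property holds, i.e.
    the puzzle cannot be solved in that many moves."""
    start = initial_state(n)
    parent: Dict[Rods, Optional[Tuple[Rods, Move]]] = {start: None}
    depth = {start: 0}
    queue = deque([start])
    while queue:
        s = queue.popleft()
        if len(s[2]) == n:                   # count3 == n: property violated
            moves: List[Move] = []
            while parent[s] is not None:
                prev, mv = parent[s]
                moves.append(mv)
                s = prev
            return moves[::-1]               # the counterexample = solution
        if depth[s] == max_moves:
            continue                         # bound reached: do not extend
        for mv, nxt in legal_moves(s):
            if nxt not in parent:            # unseen state: explore it once
                parent[nxt] = (s, mv)
                depth[nxt] = depth[s] + 1
                queue.append(nxt)
    return None


def replay(n: int, moves: List[Move]) -> Rods:
    """Apply a move list to the initial state, checking every move is legal;
    used to validate a returned counterexample."""
    rods = [list(r) for r in initial_state(n)]
    for src, dst in moves:
        disk = rods[src].pop()
        if rods[dst] and rods[dst][-1] < disk:
            raise ValueError(f"illegal move {(src, dst)}")
        rods[dst].append(disk)
    return (tuple(rods[0]), tuple(rods[1]), tuple(rods[2]))


if __name__ == "__main__":
    solution = find_counterexample(5, 31)
    print("moves:", None if solution is None else len(solution))   # 31
    print("solvable in 30 moves:", find_counterexample(5, 30) is not None)
```

  With 5 disks the bounded property `[] (count3 != 5 || moves != 30)` has no counterexample, while the bound 31 yields one of exactly 31 moves, matching the optimum the slides reach by trial.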
  • 51. My research on Model Checking
    - Towards a Probabilistic Extension to Non-Deterministic Transitions in Model-Based Checking. SYRCoSE 2019.
    - Applying Model Checking Approach with Floating Point Arithmetic for Verification of Air Collision Avoidance Maneuver Hybrid Model. Accepted for SPIN 2019.
    - A Method to Verify Parallel and Distributed Software in C# by Doing Roslyn AST Transformation to a Promela Model. Preprint. 51 / 52
  • 52. Learn more about Model Checking by reading in a calm place 52 / 52